Running a VPN on an iOS device, be that an iPhone or an iPad, isn't protecting all of your data or keeping your identity hidden from prying eyes.
As Ars Techinca reports(Opens in a new window), that's the conclusion of security researcher Michael Horowitz, and he points out VPNs on iOS have been broken for at least the past two years(Opens in a new window). The problem was reported by Proton VPN(Opens in a new window) back in 2020, and it has to do with the way in which Apple's mobile operating system handles internet connections.
When connecting to a VPN, an operating system should close all existing internet connections and re-establish them through the protected VPN tunnel. By doing so, all traffic passing through the device is shielded from prying eyes by the VPN. However, iOS doesn't do this. When a VPN is connected to, new internet connections will use it, but iOS doesn't close existing connections and restart them.
The end result is data leaks from an iOS device even though the user believes they are protected by the VPN. Horowitz tested this most recently using iOS 15.6 and confirmed data still leaks even though the problem was highlighted back when iOS 13 was the latest version. Horowitz also discovered reference to VPN data leaks as far back as 2018 in iOS 11.2.5(Opens in a new window).
As this is a problem with iOS, it's up to Apple to provide a fix, which it has failed to do since iOS 11 based on this evidence. Proton VPN suggests connecting your device to a VPN, turning on airplane mode, then turning it off again to force reconnections. Horowitz on the other hand says the only way to ensure your privacy and security is a dedicated VPN router.
Sign up for SecurityWatch newsletter for our top privacy and
Read more on pcmag.com